The Schedule

A one-day immersive experience providing tactical and strategic insights

May 31, 2018, NY
8:00 am - 9:00 am

Registration and Breakfast

9:00 am - 9:30 am

Keynote

Policy, Intelligence and the Future

Discussion will cover everything from government-mandated cybersecurity policy to intelligence on issues such as cyber-related voter fraud, and what the future holds for us.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Chris Painter, Former Sr. Director for Cybersecurity, White House, National Security Staff

- Gregory Touhill, Brigadier General, USAF (ret), President, Cyxtera Federal Group

9:35 am - 10:05 am

Management / Tech Track

9:36 am - 10:05 am

Management Track

Cyber/Intellectual Property Insurance - How to remove the ambiguity

The second rising of cyber insurance is here; however, the guesswork involved in what is covered and in setting premiums remains. The only solution is metrics, which are achievable through the threat detection and intelligence available today. How do we get there, and how will Intellectual Property Insurance fit into the picture?

Moderator: Doug Olenick, online editor, SC Media

- Tony Parillo, Partner, Fortium Partners

- James C. Trainor, Senior Vice President, Aon Risk Solutions

9:37 am - 10:05 am

Tech Track

The Cyber Threat Intelligence (CTI) Balancing Act

Over the last 15 years CTI has not only improved but has also been refined. Gone are the days when the most intelligence wins - it’s about the most relevant intelligence, so that it doesn’t take an army of professionals to analyze it, only to find out too late that your organization is already pwned. Learn how to maximize the right intelligence in a form digestible and actionable by the resources you have.

Moderator: Bradley Barth, senior reporter, SC Media

- Tammy Moskites, Managing Director, Sr. Security Executive, Accenture

- Teddy Powers, Senior Cyber Security Architect, Anomali

10:10 am - 10:40 am

Platinum Sponsor Session 1

Effectuating Multi-Cloud Access Security (Pulse Secure)

The transition from legacy data centers to hybrid environments brings an array of usability, visibility and protection challenges as users connect to applications and resources across network, cloud and SaaS domains. With accelerated demands to support a mobile workforce and consumerization of IT, “trust but verify” controls are crucial to mitigate malware, data privacy, breach and IoT threats. How can anytime, anywhere access be seamless while ensuring consistent policy and protection capabilities? Whether your business is fully cloud invested or proceeding on a per-app and business-case basis, this session will explore:

  • How, why and impact of siloed, work-around secure access mechanisms
  • Defining identity, device, security state and information relationships
  • Key components of protected connections, appropriate access, and availability
  • Considerations to gain intelligence, unify policies and orchestrate workflows
  • A reference platform for on-premise and multi-cloud Secure Access

Jim Hebler, Director of Americas' Cyber-Security Solutions, Pulse Secure

10:45 am - 11:15 am

Networking and Expo Floor

11:20 am - 11:50 am

Platinum Sponsor Sessions 2 & 3

Best Practices for IAM Assessments, Blueprints & Roadmaps (SailPoint)

Organizations process and store huge volumes of sensitive information that belongs to their customers and employees – from financial information to medical records to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to breach, involuntary exposure of this data, and non-compliance issues. But you cannot correct what you don't know, so the first step in any IAM program is assessment.

IDMWORKS CEO & Chief Strategist, Todd Rossin, will address the most common questions around IAM Assessments & Roadmaps - Why Should We Assess? What Should We Assess? and When Should We Reassess?

Todd Rossin, CEO & Chief Strategist at IDMWORKS

11:55 am - 12:25 pm

Plenary Panel

Lessons Learned from over a Year of Targeted Ransomware Attacks

Discussed will be 3 pieces of the puzzle the industry can all learn from - human behavior, law enforcement and technology. How do we all help each other?

Moderator: Teri Robinson, executive editor, SC Media

- Steve Bongardt, President, The Gyges Group

- Carolyn Schreiber, CISO, Ahold Delhaize

12:30 pm - 1:00 pm

Gold Sponsor Sessions 1, 2, 3

Turtles, Trust and the Future of Cybersecurity (Varonis)

Learn how the breakdown in cyber-confidence can only be repaired by recognizing the criticality of data protection in a hybrid, interdependent world - and by securing data first, not last.

Matt Radolec, Security Architect Manager at Varonis

One CISO’s Journey to Cyber Awareness (Wombat Security)

Whether budgets are robust or restrictive, infosec teams are often skeptical about diverting dollars away from technical tools so they can better fund awareness training. Fortune 500 CISO Alan Levine felt the same — until a nation-state attack on his organization led him to reexamine employees’ roles in cybersecurity and the value of defense-in-depth strategies at users’ desktops.

Alan Levine, Security Advisor at Wombat Security

If You Can't Beat 'Em, Join 'Em (Bugcrowd)

Crowdsourced security is a powerful tool - used by leading-edge firms such as Google and Facebook - to decrease risk. However, crowdsourced security is not yet well understood across the enterprise security community. This discussion will define crowdsourced security and describe why it's a key element in any viable security architecture.

David Baker, CSO of Bugcrowd

1:05 pm - 2:05 pm

Networking Lunch and Expo Floor

2:10 pm - 2:40 pm

Management / Tech Track

2:11 pm - 2:40 pm

Management Track

Disaster Planning Cyber Security Style

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

2:12 pm - 2:40 pm

Tech Track

Controls, Benchmarks and Tools - Best Practices in Building and Maintaining Robust Technical Security

Hear from the Center for Internet Security (CIS) and those that have successfully implemented such controls as they use the many tools available to remove ‘security by obscurity’ from our vernacular completely. You bought the tool, you think you bought the service - but the gotcha may be in the fine print.

Moderator: Eric Green, program director, SC Media

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Karen Gispanski, VP Global Cyber Security Operations, Neilsen

2:45 pm - 3:15 pm

Gold Sponsor Sessions 4, 5, 6

ISO 27001 & the GDPR: Identifying Overlap and Streamlining Efforts (OneTrust)

Together, security and privacy teams share a common goal: Protect the organization from reputational damage, lawsuits, and regulatory trouble. On one hand, ISO 27001 focuses on the assessment of risks and protection of the organization. On the other, the GDPR aims to assess and protect the rights and freedoms of individuals. With a joint goal in mind, it is crucial that security and privacy teams work together to develop a common language that produces greater productivity and takes advantage of collective efforts. In this session, OneTrust will present findings from research conducted in cooperation with the International Association of Privacy Professionals (IAPP), sharing how ISO 27001 and the GDPR overlap, as well as how security and privacy teams can work together to become more effective.

Bénédicte Dambrine, Privacy/Legal at OneTrust

Audit as Code - Improving Business Resilience by Applying DevOps Concepts to Audits (Tanium)

Security audits get a bad rap. Ask any IT professional about security audits and you’ll likely receive a colorful, negative response. Yet, when done correctly, audits are a great method for proactively identifying problems before they become major, newsworthy incidents. In this discussion, David Damato, Chief Security Officer from Tanium will provide insight on how security audits can borrow concepts from DevOps in order to strengthen security and deliver value to business stakeholders.

David Damato, Chief Security Officer at Tanium

Autonomous Cyber Defense: AI and the Immune System Approach (Darktrace)

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. Discover why autonomous response and machine learning are the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

Nancy Karches, Sales Director at Darktrace

3:20 pm - 3:50 pm

Networking and Expo Floor

3:55 pm - 4:25 pm

Management / Tech Track

3:56 pm - 4:25 pm

Management Track

Managing Expectations - A Lesson in Garnering Support from Senior Management

Whether poorly communicated from the CISO, from the media or even vendors - senior management, more often than not, are armed with alternative facts which can easily throw the needs and expectations of the security team out of alignment with the actual mission. How do you proactively work to stay ahead of, or away from, this damaging trend?

Moderator: Bradley Barth, senior reporter, SC Media

- Pete Chronis, CISO, Turner

- John McCumber, Director of Cybersecurity Advocacy, (ISC)2, Inc.

3:57 pm - 4:25 pm

Tech Track

The State of the Patch

First - how is it we are still talking about patching as a security vulnerability? From there, technically, why is this STILL such an issue and, more importantly, what can be learned from those who have figured out how to get this right?

Moderator: Teri Robinson, executive editor, SC Media

- Charles Kao, SVP, Cyber Security at EthicalHat

- Alexander Bilus, Partner at Saul Ewing Arnstein & Lehr

- Chris Goettl, Director, Product Management, Security at Ivanti

4:30 pm - 5:15 pm

Plenary

Mobile Attack Demo with CISO Panel and Law Enforcement

See a number of attacks live on both iOS and Android mobile devices as a panel of experts comments and discusses ramifications for the business, disclosure, defense, etc.

Moderator: Eric Green, program director, SC Media

- Mark Bilanski, Deputy Director, NYS Cyber Command Center, Cyber Incident Response Team

- Louis Smith, Senior Security Analyst, NYS Cyber Command Center

EXPERT PANEL

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Tim Callahan, SVP, Global CISO, Aflac

- Christine Runnegar, Senior Director of Internet Trust, Internet Society

5:20 pm - 5:30 pm

Conference Closing Remarks

5:30 pm - 6:20 pm

Sponsored Cocktails and Networking
